25177 matches found
CODESYS Control 缓冲区错误漏洞
CODESYS Control is a suite of industrial control program programming software from CODESYS, Germany. CODESYS Control suffers from a buffer error vulnerability that originates from a contention that can be exploited by an unauthenticated, remote attacker to trigger an out-of-bounds read in the...
Photon OS 5.0: Linux PHSA-2025-5.0-0670
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0670. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Frr PHSA-2025-4.0-0915
An update of the frr package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0915. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid27693...
Photon OS 4.0: Rabbitmq PHSA-2025-4.0-0915
An update of the rabbitmq package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0915. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Linux PHSA-2025-5.0-0691
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0691. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
PT-2025-48495
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions 16.0.0 on MacOS Avast Antivirus versions 3.0.3 on Linux Description A NULL pointer dereference issue exists in Avast Antivirus when scanning a malformed Windows PE file. This can cause the antivirus process to crash on...
PT-2025-48466
Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...
CVE-2024-32384
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...
EUVD-2024-30206
Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...
Photon OS 5.0: Libpng PHSA-2025-5.0-0694
An update of the libpng package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0694. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Important Photon OS Security Update - PHSA-2025-5.0-0695
Updates of 'linux-esx', 'wireshark', 'linux' packages of Photon OS have been released...
RLSA-2025:22005 Moderate: go-rpm-macros security update
This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/exec...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is Huawei's self-developed distributed operating system, designed for cell phones, tablets, smart homes and other full-scene devices to achieve seamless cross-device collaboration. Huawei EMUI is Huawei's deeply customized mobile operating system based on Android. A privilege...
Cisco Catalyst Center Operating System Command Injection Vulnerability
Cisco Catalyst Center Cisco DNA Center is a network management system from the American company Cisco. Cisco Catalyst Center Cisco DNA Center suffers from an operating system command injection vulnerability that stems from insufficient user input validation. An attacker could exploit this...
CVE-2025-62354
Improper neutralization of special elements used in an OS command 'command injection' in Cursor allows an unauthorized attacker to execute commands that are outside of those specified in the allowlist, resulting in arbitrary code execution...
VulnCheck KEV: CVE-2025-8943
The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...
Important Photon OS Security Update - PHSA-2025-5.0-0691
Updates of 'cifs-utils', 'linux-esx', 'linux' packages of Photon OS have been released...
SDMC NE6037 操作系统命令注入漏洞
The SDMC NE6037 is a cable modem from China's Sinodisk SDMC. An operating system command injection vulnerability exists in the SDMC NE6037 versions prior to 7.1.12.2.44, which stems from a shell command injection vulnerability in the Network Diagnostic Tool...
CVE-2025-64127
An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely...
CVE-2025-64128
An OS command injection vulnerability exists due to incomplete validation of user-supplied input. Validation fails to enforce sufficient formatting rules, which could permit attackers to append arbitrary data. This could allow an unauthenticated attacker to inject arbitrary commands...